Microsoft Security Essentials - Good Enough?

Microsoft Security Essentials is a free anti-malware application first released in June, 2009. It replaces the subscription-based Windows Live OneCare antivirus service and the free Windows Defender, which only protected against spyware and adware. Does this all-in-one security tool provide enough protection? Let's find out...

How Good is Microsoft Security Essentials?

Can you dump both your current anti-virus and anti-spyware apps, in favor of Microsoft Security Essentials (MSE)? Reviewers are giving MSE favorable marks, but will it provide robust protection against all types of malware?

Microsoft Security Essentials works on Windows XP, Vista, and Windows 7 (both 32 and 64-bit). It is available in 25 languages and is efficiently designed to avoid hogging system resources, an important consideration in user adoption and regular use. The fact that both virus and spyware protection are rolled into one program is a plus in this regard. Brian Krebs of the Washington Post found that MSE consumed only 4 MB of RAM even during active scans for malware. A quick scan took just 10 minutes in Krebs' test, and a full scan only 45 minutes.

Reviewers' mileage varies, just as yours will. On the downside, PC Magazine reported that MSE takes up 110 MB of hard disk space. If you have a typical 500GB hard drive, though, that's hardly a blip on the radar. PC Mag also found that a full scan on a heavily infected system took over an hour, while the same scan on a virus-free system took only 35 minutes. Apparently, MSE's malware-eradication routines take quite a bit of time compared to competitors. But regardless of the timings, is MSE effective?

The official release of MSE did quite well in the independent lab AV-test.org's tests. MSE found 98.44 percent of 545,034 computer viruses, computer worms and software Trojan horses as well as 90.95 percent of 14,222 spyware and adware samples. It also detected and eliminated all 25 tested rootkits. It generated no false-positive at all. (A false-positive is when a legitimate program is mistakenly flagged as malware.)

In addition to receiving good marks from AV-Test, MSE has been certified by the International Computer Security Association (ICSA) Labs, it received the Checkmark certification from West Coast Labs, and won the PC Advisor Awards 2010 - Best Free Software award.

Even established anti-malware developers give MSE grudging respect - well, two of them do, anyway. AVG Technologies, developer of the free AVG Antivirus suite, stated that MSE is "a positive step for the AV (anti-virus) landscape." Avast Software, maker of Avast Antivirus, allowed that "MSE is not the silver bullet but it is also not the bad sequel to One Care that some claim," according to CEO Vincent Steckler.

Taking MSE For a Test Drive

Want to try MSE for yourself? You can download Microsoft Security Essentials from Microsoft and click to run the installer. The first thing MSE does is check the validity of the installed copy of Windows. So if you're running a pirated copy of Windows, you're out of luck. MSE will detect Windows Defender and disable it, if it is present. MSE does Windows Defender's job as well as other things.

MSE includes real-time defenses as well as scheduled and manual scans for malware. File downloads and email attachments are scanned as they arrive. Before taking action against a suspect file, MSE prompts the user for input. If no input is received within 10 minutes then MSE takes whatever action is specified in its settings; typically, that would be "quarantine" the suspect file until some human has a look at it. MSE automatically checks for malware definition and signature database updates, which Microsoft is releasing three times a day.

I have a 5-year-old laptop that I use for travel, so I decided to replace my current security software (Avira anti-virus and Windows Defender) with MSE. The installation went smoothly, and during the initial scan, MSE found some malware (Win32/ClickSpring.B) that Avira had not detected.

That's not to say that Avira isn't an excellent anti-virus program. But none of them will detect ALL the bad stuff. So it's not surprising that you'll find one or two nasties if you switch from one anti-virus program to another.

MSE is intended for consumers, not enterprises. It lacks the network monitoring features that Microsoft Forefront Client has, for example. But other than that, MSE seems to be a worthy addition to the free anti-malware arsenal. Aside from the fact that I have reservations about Microsoft muscling into yet another market where there were already several worthy competitors, I have no problem recommending MSE for those in search of free anti-virus and anti-spyware protection.

I should mention that it's almost never a good idea to use more than one anti-virus program at a time. They can interfere with each other, cause false positives to be reported, and will needlessly slow down your computer. On the other hand, it's fine to have one anti-virus program and use a malware scanner such as MBAM (see my related article MalwareBytes Anti-Malware) which is NOT always running, to do occasional peace of mind scans.

Most recent comments on "Microsoft Security Essentials - Good Enough?"

As a blind computer user, software which operates correctly with my screen reader software is a must. I had previously used Avast, as its interface was accessible. But the recent upgrade to Avast 5 has rendered the accessibility of its interface very poor at best. I have switched all of my computers to MSE and it is working great. I had started migrating many of my clients computers to MSE last December and they have all performed flawlessly. The nicest part is that MSE has virtually eliminated the need to manually remove viruses and malware that used to sneak past McAfee, Norton and AVG. I highly recommend MSE, although I never thought that I would be recommending a Microsoft AV product.

Posted by:
Cal T
21 Oct 2010

I've been using the Avast Free anti-virus program, and it is excellent! Will not try anything from Micro Soft. Still don't trust them absolutely.

Posted by:
Bill Michie
21 Oct 2010

Though really a question, this is sort of about this article, so I'll try here.

You said:

>> so I decided to replace my current security software (Avira anti-virus and Windows Defender) with MSE.

I use Avira anti-virus too (for many years, free and Premier). Just installed Avira free on new Win 7 Ultimate load; but it wanted me to turn off Win Defender first. Can one run them together, somehow?

EDITOR'S NOTE: Bill, Avira Free does have an anti-spyware component. I can't say how it compares to what Defender offers. You might be able to turn off real-time protection in Defender and still run manual or scheduled scans.

Posted by:
Alex
21 Oct 2010

Hey Cal, if you don't trust Micro$oft, why you using Windows? Windows IS from Micro$oft! If I am going to use Windows, I would be likely to trust an antivirus from the people who developed Windows, thus know the OS intimately rather than one from a third party.

If you hate Micro$oft, go to Linux, and get rid of Windows completely. Otherwise, get real...

Posted by:
mur_phy
22 Oct 2010

I have been using MSE for a year now and find it works very well. Have used almost every AV scanner available as freeware and while others work well, MSE is a great "set it and forget it" program. Besides MBAM one should also keep SuperAntiSpyware available so you have a couple of "spare tires".

Many of us admins in PC Tech in PalTalk use these programs daily to assist users in cleaning their systems. As I write we are trying to assist a user to remove ThinkPoint which is quite a nasty.

Posted by:
Ashik
22 Oct 2010

I used MSE, Avira and AVG. But I found that MSE can detect many more viruses and malware that Avira or AVG can't detect. So, it is best to use MSE.

Posted by:
Robert
22 Oct 2010

I use mse on my dell demension 2400 computer. It takes about twelve hours to run a full scan. How come you say it only takes about one hour.

EDITOR'S NOTE: Wow, that seems excessive. I wonder, do you have any other anti-virus or anti-spyware tools running at the same time? That could be slowing things down. Also, the speed of your processor, the amount of RAM (and free RAM), and the number of files you have, will all affect the time required. Try disabling other security tools, and running it in Safe Mode and see what happens.

Posted by:
Russ
23 Oct 2010

I have been using AVG on an older notebook and have Spybot in the background to run when I want it to run. After reading comments, I am ready to try MSE and give it a whirl. I have also tried using Iobit software, but it occasionally seems to be a memory hog, and heavy on the resources. I have been using Zone alarm for a firewall, instead of the windows firewall. (but have switched back and forth to see what's going on with my resources) Any other comments or suggestions because I don't like running out of memory when I seem to have so few things running. I have 1.5 gb of memory that always seems a third or more is being used, with almost no programs running. And yes, it can take a while to run AVG or Spybot... I think I have tried MBAM, but it seems like it had a lot of extra junk loaded with it at the same time unless I downloaded a copycat malware version...

Posted by:
srs2000
23 Oct 2010

I have used Avast (free) and AVG (free, then paid version) before trying MSE. The experts say it does the job as well as any of them, so that's was good enough for me to give it a try, which I did when my paid subscription ran out. The program installs easily and is very easy to manage (although I forget its there, which is a good thing). It never seems to intrude other than an occasional alert when it finds something. What more could you want?

Posted by:
Charles Etheridge
31 Oct 2010

I have been using MSE very contentedly since the initial release, and now it's at least in edition 3. It has caught a number of problems even though I am a bit conservative in my Internet use. I am quite satisfied with it, and I have even found that a quick scan - of generally around 90,000 items - takes only about 4 minutes. Though it does update automatically I usually do run an update as part of each use. The only problem with this is that my update history file is well over 2 pages on a 27" monitor. I run Windows 7 Ultimate x64bit and am very happy with MSE.

Posted by:
gene
01 Nov 2010

Hi well I use to use mse as my main security solution untill it horibly failed to fend off a very very distructive worm. I had this program I downloaded that had a keygen and msc detected it it and tried to remove it and when the computer restartedc the hard drive processed and processed and when everything got through mse was no longer in the system tray in fact nothing to that nature was there so I attempted to run it from the desktop the drive processed and then it said your security software is enfected do you want to turn on security suite demo now? Well when I did that I realized that not only had mse been destroied but everything else was pretty much a mess and the mschost.exe files which I think are for networking and the internet were savatoged too. So I tried to uninstall that dumby program that the worm installed, not only would that come off but nothing else would uninstall either and I even used revo uninstaller with no success. Needless to say, mse allowed that worm to do a number on my system making the only choice be to reformat and reinstall. Now I know that no security software is perfect and I guess you can't beat something being free but I still think trend micro has a much better guard when it comes to security.

Posted by:
Andy
01 Nov 2010

MSE is indeed a good program, and can be used with MBAM set to real time monitoring (paid version only.) However it is essential to add exceptions in MSE for MBAM if running XP, and advisable with Vista or W7 OS.

The list of exceptions (5 in all) can be found on the MBAM site and are easy to type into MSE "excluded files" and "excluded processes" section.

As MBAM runs at a different level and is not a traditional antivirus app., it works very well with MSE and windows.

Of course running two AV programs with real time protection is asking for trouble, but MBAM is different as it is designed to "compliment" not replace more traditional anti-virus programs.

Posted by:
chesscanoe
09 Nov 2010

I've been running the MSE beta 2 since it became available, and today Microsoft improved it via Windows Update:

I use mse on all(5) of my computers ..after using avg now I just use mse...great program & not a memory hog like all the others....I figured it is from the manufacturer of the os how bad cane it be....havent had a issue since I started using it...I started using it when I think when it came out ,a year or so....

Posted by:
Ken
25 Nov 2010

I downloaded MSE two days ago - the easiest download I've ever touched - and obviously haven't had much experience with it but what I've noted so far is the lack of fuss while its working in the background. I've yet to disable the free Avast email only file. I didn't see mention of the email equivelant during download. I have just expected the MSE covers that aspect, being internet related. Anyone here know for sure?

I downloaded Defender at the same time and expect MSE disabled that one. Can't imagine there's any harm in deleting that file?

As you can see, I'm not a techie by any stretch of a mystery-writer's imagination.

Thanks for the help, Bob; much appreciated.

Posted by:
Speedyguy
30 Nov 2010

I have been using MSE for the last year or so. It does very well for me. My computer is slow, and most anti-virus programs bog it down. MSE uses less ram.

I do amatuer repair work for friends and family. I have changed them over to MSE, they enjoy it because of the simple interface. I install it and set scheduled scans, and everything else is pretty simple for them.

I am not a big fan of Microsoft, but I give them a thumbs up on this one!

Posted by:
pagangirl
22 Jul 2011

I am running into one issue with MSE. About once an hour, I get a pop-up telling me that my firewall is down. I have to click the program open and turn the firewall back on. Not only is this extremely disruptive and annoying, it also makes me wonder if something nasty will slip in if I miss the warning.
Because of this, I am shutting down my internet connection when I am not actively using it. Has anyone else experienced this? Is there a fix?
I'm not a techie at all. My fixer-guy installed this after my unfortunate run in with a nasty popup that loaded malware when I tried to close it out.

EDITOR'S NOTE: My first guess would be that some malware is turning off the firewall. Try scanning with MBAM. See http://askbobrankin.com/malwarebytes_antimalware.html

Posted by:
Josephine Garbutt
27 May 2012

First I must say that I am totally computer-illiterate. When I bought my pc in 2008 I subscribed to Windows Live Care and when it was due to expire they gave me an extra 6 months free of charge and then advised me to download MSE. Never had one single problem. 4 months ago I had my little pc upgraded from Vista to Windows 7 Ultimate...the person who did it said that MSE was NOT an anti-virus and made me pay 80 euro to put another one in (Kaspersky). I've had a virus problem with my email account which was not detected, so it's obviously not that good. MSE also reminded me to do a clear-out of old files now-and-again... Kaspersky doesn't. I'm definately going back to MSE as soon as this subscription runs out.
Thank you very much for your clear explanations, they're worth gold to people like me!

Posted by:
The Froman
15 Feb 2013

I installed MSE about 2 years ago, and have had problems at all!!(I hope I didn't just jinx myself or my laptop ;) Never had one virus or malware that that I know of.

Posted by:
Cat Tilley
26 Mar 2013

I began using MSE shortly after Windows 7 was released. Prior to that, I was running Avast Free, however at that time, the boot time scan wasn't available for 64 bit OS's.

So I tried MSE & for a few months, all was OK. Then one night, I decided to try the Safari browser with Google Safe Search. I was to soon find out just how safe it was. 15 to 20 minutes later, with several pages open, I caught what was the nastiest infection of my life. MSE warned me, but it was too late. Couldn't run a scan with it, nor MBAM (free version), nor get to the MRT tool in the Start Menu that's released each month via Windows/Microsoft Update.

Fortunately, this happened on a TechNet version of Windows 7, not my main install. I simply formatted the partition & reinstalled. But since then, went with NOD32 AV, along with MBAM Pro. Though I do feel that had MBAM Pro been installed (rather than the free on demand scanner), the infection wouldn't have happened.

Post your Comments, Questions or Suggestions

* Name:
* Email:
(* = Required field)

(Your email address will not be published)

Comments: (you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.